CVE-2019-3706 is a vulnerability in Dell Idrac9 Firmware
Published on April 26, 2019
Web Interface Authentication Bypass Vulnerability
Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 and 3.21.25.22 contain an authentication bypass vulnerability. A remote attacker may potentially exploit this vulnerability to bypass authentication and gain access to the system by sending specially crafted data to the iDRAC web interface.
Products Associated with CVE-2019-3706
Want to know whenever a new CVE is published for Dell Idrac9 Firmware? stack.watch will email you.
Affected Versions
Dell EMC iDRAC:- Version 3.24.24.24 and below 3.24.24.24 is affected.
- Version 3.21.26.22 and below 3.21.26.22 is affected.
- Version 3.22.22.22 and below 3.22.22.22 is affected.
- Version 3.21.25.22 and below 3.21.25.22 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.